

Impersonation without knowing a password

Question

Saturday, November 24, 2007 4:36 PM

Running as administrator, is it possible to impersonate another user without knowing or resetting their password?

All replies (3)

Sunday, November 25, 2007 4:16 AM ✅ Answered

You must have both name and password to impersonate - what you can do is create test users with the same settings as the real users, same groups, same security settings, etc...

 

 

    bool returnValue = LogonUser("Administrator", "MyDomain", "MyPassword",
        LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT,
        ref tokenHandle);

    bool retVal = DuplicateToken(tokenHandle, SecurityImpersonation, ref dupeTokenHandle);

    WindowsIdentity newId = new WindowsIdentity(dupeTokenHandle);


Sunday, November 25, 2007 4:51 AM

NO. This is not impersonation. You need to create a generic account.

 

Adam


Sunday, November 25, 2007 7:23 PM

I am using Uwe Keim's Impersonation class (from CodeProject.com) that says:

    if (LogonUser(userName, domain, password, LOGON32_LOGON_INTERACTIVE,
                  LOGON32_PROVIDER_DEFAULT, ref token) != 0)
    {
        if (DuplicateToken(token, 2, ref tokenDuplicate) != 0)
        {
            tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
            impersonationContext = tempWindowsIdentity.Impersonate();
        }
    }

This works. I am trying to see the effect of connecting to SQL Server when impersonating users such as [NT AUTHORITY\NETWORK SERVICE], [NT AUTHORITY\IUSR]. I do know how to impersonate these users as I do not know their passwords.